package com.kindsoft.demo.ad;


import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.ldap.authentication.ad.ActiveDirectoryLdapAuthenticationProvider;

/**
 * Created by zhoujm on 2020/2/21/021.
 */
@EnableWebSecurity
public class ActiveDirectorySecurityConfigurerAdapter extends WebSecurityConfigurerAdapter {
    @Autowired
    AdUserDetailsMapper adUserDetailsMapper;

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        // TODO Auto-generated method stub
        ActiveDirectoryLdapAuthenticationProvider activeDirectoryLdapAuthenticationProvider = new ActiveDirectoryLdapAuthenticationProvider(
          "unicademo.com", "LDAP://unica-demo:389", "DC=unicademo,DC=com");
        activeDirectoryLdapAuthenticationProvider.setUserDetailsContextMapper(adUserDetailsMapper);
        auth.authenticationProvider(activeDirectoryLdapAuthenticationProvider);
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        // TODO Auto-generated method stub
        http.authorizeRequests()
                .antMatchers("/hello").fullyAuthenticated()
//            .anyRequest().fullyAuthenticated()
                .and()
                .formLogin();
    }
}
